[PM-5518] Refactor Email Token Providers (#3784)

* new email token providers * move email redaction to core helpers * make token options configurable * protected setters on options * fix email token provider tests * fix core tests --------- Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
2025-07-04 01:22:50 -05:00 · 2024-07-11 14:39:27 -04:00
parent 1292736f54
commit d2567dd42d
9 changed files with 131 additions and 78 deletions
--- a/src/Identity/IdentityServer/BaseRequestValidator.cs
+++ b/src/Identity/IdentityServer/BaseRequestValidator.cs
@ -511,7 +511,9 @@ public abstract class BaseRequestValidator<T> where T : class
                }
                else if (type == TwoFactorProviderType.Email)
                {
-                    return new Dictionary<string, object> { ["Email"] = token };
+                    var twoFactorEmail = (string)provider.MetaData["Email"];
+                    var redactedEmail = CoreHelpers.RedactEmailAddress(twoFactorEmail);
+                    return new Dictionary<string, object> { ["Email"] = redactedEmail };
                }
                else if (type == TwoFactorProviderType.YubiKey)
                {
--- a/src/Identity/appsettings.Development.json
+++ b/src/Identity/appsettings.Development.json
@ -14,6 +14,12 @@
      "internalVault": "https://localhost:8080",
      "internalSso": "http://localhost:51822"
    },
+    "mail": {
+      "smtp": {
+        "host": "localhost",
+        "port": 10250
+      }
+    },
    "attachment": {
      "connectionString": "UseDevelopmentStorage=true"
    },